From 6560f6c6d5b45bf6994fa2f1130eb23bc327d599 Mon Sep 17 00:00:00 2001
From: Ingela Anderton Andin <ingela@erlang.org>
Date: Wed, 2 Apr 2014 17:13:25 +0200
Subject: public_key: Document issuer_fun option to pkix_crls_validate/3

---
 lib/public_key/doc/src/public_key.xml | 29 ++++++++++++++++++++++++-----
 1 file changed, 24 insertions(+), 5 deletions(-)

diff --git a/lib/public_key/doc/src/public_key.xml b/lib/public_key/doc/src/public_key.xml
index 61ce9dd3f6..172a2faba0 100644
--- a/lib/public_key/doc/src/public_key.xml
+++ b/lib/public_key/doc/src/public_key.xml
@@ -461,11 +461,14 @@
 	  <p>The fun should be defined as:</p>
 
 	  <code>
-fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |
-	                                     {extension, #'Extension'{}},
+fun(OtpCert :: #'OTPCertificate'{},
+    Event :: {bad_cert, Reason :: atom()} |
+             {extension, #'Extension'{}},
     InitialUserState :: term()) ->
-	{valid, UserState :: term()} | {valid_peer, UserState :: term()} |
-	{fail, Reason :: term()} | {unknown, UserState :: term()}.
+	{valid, UserState :: term()} |
+	{valid_peer, UserState :: term()} |
+	{fail, Reason :: term()} |
+	{unknown, UserState :: term()}.
 	  </code>
 
 	<p>If the verify callback fun returns {fail, Reason}, the
@@ -511,7 +514,8 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |
 	<item>
 	  <p>The fun has the following type spec:</p>
 
-	  <code> fun(#'DistributionPoint'{}, #'CertificateList'{}) -> #'CertificateList'{}</code>
+	  <code> fun(#'DistributionPoint'{}, #'CertificateList'{}) ->
+        #'CertificateList'{}</code>
 
 	  <p>The fun should use the information in the distribution point to acesses
 	  the lates possible version of the CRL. If this fun is not specified
@@ -519,6 +523,21 @@ fun(OtpCert :: #'OTPCertificate'{}, Event :: {bad_cert, Reason :: atom()} |
 	  </p>
 	  <code> fun(_DP, CRL) -> CRL end</code>
 	</item>
+
+	<tag>{issuer_fun, fun()}</tag>
+	<item>
+	  <p>The fun has the following type spec:</p>
+
+	  <code>
+fun(#'DistributionPoint'{}, #'CertificateList'{},
+    {rdnSequence,[#'AttributeTypeAndValue'{}]}, term()) ->
+	{ok, #'OTPCertificate'{}, [der_encoded]}</code>
+
+	  <p>The fun should return the Root certificate and certificate chain
+	  that has signed the CRL. 
+	  </p>
+	  <code> fun(DP, CRL, Issuer, UserState) -> {ok, RootCert, CertChain}</code>
+	</item>	
       </taglist>
     </desc>
    </func>
-- 
cgit v1.2.3